Lucene search

K
wpvulndbLana CodesWPVDB-ID:A1D0D131-C773-487E-88F8-E3D63936FBBB
HistoryJan 17, 2023 - 12:00 a.m.

Judge.me Product Reviews for WooCommerce < 1.3.21 - Contributor+ Stored XSS

2023-01-1700:00:00
Lana Codes
wpscan.com
10
plugin vulnerability
contributor role
stored xss
woocommerce
shortcode attributes
security issue

EPSS

0.001

Percentile

23.3%

The plugin does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks.

PoC

Note: First, you need to set Judge.me shop token. [jgm-feature-carousel all-reviews-page=“#’ onmouseover=‘alert(1)’ style=‘background:red;’”]

EPSS

0.001

Percentile

23.3%

Related for WPVDB-ID:A1D0D131-C773-487E-88F8-E3D63936FBBB